FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Andy_G
Staff
Staff
Article Id 191217
Description
This article provides information relating to error messages that may be seen during the start up of Fortinet Small Business models such as the FortiGate 30B, FortiGate 50B, FortiGate 60B and FortiGate 60C.

In order to avoid potential hardware problems it is important to always shut down the Fortinet operating system properly before turning off the power switch.  If a graceful shutdown is not performed it may result in the corruption of the flash file system.

Over a period of time bad blocks may develop within the flash memory, in this case the flash needs to be scanned from the BIOS to fix the bad blocks.

These issues may result in error messages during OS booting up, typical errors include:
  • Initializing firewall...TAR: migadmin/ids/: error 10
    crc errorINITTAR: falling back to normal initrd...
    crc errorFAT: bogus logical sector size 0
    Kernel panic: VFS: Unable to mount root fs on 01:00

 

  • info: Failed to scan JFFSv2 file structure
    Open boot device failed.

 

  • ......
    in grub_open errnum=2
    in grub_open errnum=2
    Open boot image failed.

 

  • EXT2-fs error (device mtdblock(31,1)): ext2_free_blocks: bit already cleared for block 15475

Scope

Fortinet Small Business models.


Solution
The following steps can be used to mark bad blocks on the FortiGate 30B, FortiGate 50B and FortiGate 60B:
FGT50B (11:04-02.28.2007)
Ver:04000007
Serial number:FGT50BXXXXXXXXXXX
RAM activation
Total RAM: 256MB
Enabling cache...Done.
Scanning PCI bus...Done.
Allocating PCI resources...Done.
Enabling PCI resources...Done.
Zeroing IRQ settings...Done.
Verifying PIRQ tables...Done.
Enabling Interrupts...Done.
Boot up, boot device capacity: 64MB.
Press any key to display configuration menu...
..
[G]: Get firmware image from TFTP server.
[F]: Format boot device.
[I]: Configuration and information.
[Q]: Quit menu and continue to boot with default firmware.
[H]: Display this list of options.
Enter Selection [G]:
Enter G,F,I,Q,or H: d ---------------- Press “d” to debug menu
dr: Disable onboard RAM.
rt: Start RAM test.
offc: Turn off cache.
onc: Turn on cache.
lpci: List all PCI devices.
spci: Set PCI configuration registers.
clk: Display real time clock.
q: Quit debug mode.
h: Display this command list.
:k --------------- Press “k” to scan the flash
Flash CS0 is configured as a I/O based NAND controller at address=FF80h
Flash I/O not enabled in MSR_DIVIL_BALL_OPTS
ID NAND device returned ... AD 76 AD 76 AD 76 AD 76
ROM manufacturer=AD device=76
The ROM is a 64 MB Hynix HY27US08121M device
Scan and verify Nand flash's block(Blocks=0X1000)-->
List existing bad block(s):
------------------------------
------------------------------
start_block-->0x000 ------------ Input “000” as the start block
end_block-->0xfff ------------ Input “fff” as the end block
Testing block: 0X0000~0X0FFF of 0X0401
Block[0X0401]->Error at offset:0X006C, written:0XB6, read:0XB4
Block[0X0401]->Error at offset:0X0089, written:0X1A, read:0X0A
Block[0X0401]->Error at offset:0X0129, written:0XB1, read:0X91
Block[0X0401]->Error at offset:0X012F, written:0X0E, read:0X0A
Block[0X0401]->Error at offset:0X04DD, written:0XA6, read:0XA4
Block[0X0401]->Error at offset:0X0532, written:0X67, read:0X47
Block[0X0401]->Error at offset:0X0537, written:0XDB, read:0X5B
Block[0X0401]->Error at offset:0X0593, written:0X9A, read:0X8A
Block[0X0401]->Error at offset:0X05C4, written:0XE1, read:0XC1
Block[0X0401]->Error at offset:0X07E4, written:0X7C, read:0X5C
Block[0X0401]->Error at offset:0X092F, written:0XC5, read:0XC1
Block[0X0401]->Error at offset:0X0C85, written:0XDC, read:0X9C
Block[0X0401]->Error at offset:0X1085, written:0XD0, read:0X90
Block[0X0401]->Error at offset:0X1485, written:0XE4, read:0XA4
Block[0X0401]->Error at offset:0X17E4, written:0X20, read:0X00
Block[0X0401]->Error at offset:0X1885, written:0X5E, read:0X1E
Block[0X0401]->Error at offset:0X1891, written:0XB6, read:0X36
Block[0X0401]->Error at offset:0X1C85, written:0XF8, read:0XB8
Block[0X0401]->Error at offset:0X1FE4, written:0X68, read:0X48
Block[0X0401]->Error at offset:0X2085, written:0XD1, read:0X91
Block[0X0401]->Error at offset:0X2C85, written:0XC2, read:0X82
Block[0X0401]->Error at offset:0X3485, written:0X47, read:0X07
Block[0X0401]->Error at offset:0X3885, written:0X73, read:0X33
Block[0X0401]->Error at offset:0X3C85, written:0XF7, read:0XB7
Testing block: 0X0000~0X0FFF of 0X0FFF
At least one block verification failed!
Nand flash chip's block status:
Failed block of verification: 0401 ------- Found one bad block
Want to mark the above block(s) as bad blocks?... (y/n)y --------- Press “y” to mark this block as bad block
------------------------------
Bad block already: 0X0401
------------------------------
Mark failed block(s) of verification as bad block(s)!
Recreate bad block table) - (y/n)y ---- Input “y” to recreat the bad block table.

The following steps can be used to mark bad blocks on the FortiGate 60C:
FortiGate-60C (18:52-06.18.2010)
Ver:04000010
Serial number: FGT60CXXXXXXXXXXX
CPU(00): 525MHz
Total RAM: 512 MB
NAND init... 128 MB
MAC Init... nplite#0
Press any key to display configuration menu...
..
[G]: Get firmware image from TFTP server.
[F]: Format boot device.
[I]: Configuration and information.
[B]: Boot with backup firmware and set as default.
[Q]: Quit menu and continue to boot with default firmware.
[H]: Display this list of options.
Enter G,F,I,Q,or H: D
[p]: normal POST test.
[n]: NAND scan bad block (data will be lost).
[q]: quit this menu.
n

The majority of error messages during start up are related to the flash or incorrect operation (for example, unplugging the power cable directly instead of using the shut down command). A simple way to recover the unit is usually to format the flash and reload the OS using TFTP Server.

The related article "Technical Note : Loading FortiGate firmware image using TFTP" explains how to reload the firmware image.

Related Articles

Technical Tip: Formatting and loading FortiGate firmware image using TFTP

Contributors